Adblock support thread

Having an issue while using version 4.1.0-2 (for some reason opkg doesn't pick up 4.1.0-3) alongside unbound (1.13.1-1) on snapshot, it won't register the adblock list at all. I'm using a fresh install of openwrt and adblock, and /var/lib/unbound/unbound.conf is including the adb_list.overall file, so I'm very confused as to why it's not blocking anything.

root@OpenWrt:~# uci show adblock
adblock.global=adblock
adblock.global.adb_enabled='1'
adblock.global.adb_debug='0'
adblock.global.adb_forcedns='0'
adblock.global.adb_safesearch='0'
adblock.global.adb_dnsfilereset='0'
adblock.global.adb_mail='0'
adblock.global.adb_report='0'
adblock.global.adb_backup='1'
adblock.global.adb_maxqueue='4'
adblock.global.adb_sources='adaway' 'adguard' 'disconnect' 'yoyo'
adblock.global.adb_trigger='wan'
adblock.global.adb_dns='unbound'
adblock.global.adb_fetchutil='uclient-fetch'

The status shows it's enabled and has domains in the blocklist

root@OpenWrt:~# /etc/init.d/adblock status
::: adblock runtime information
  + adblock_status  : enabled
  + adblock_version : 4.1.0
  + blocked_domains : 41313
  + active_sources  : adaway, adguard, disconnect, yoyo
  + dns_backend     : unbound, /var/lib/unbound
  + run_utils       : /bin/uclient-fetch, /usr/bin/gawk
  + run_ifaces      : trigger: wan, report: -
  + run_directories : base: /tmp, backup: /tmp/adblock-Backup, report: /tmp/adblock-Report, jail: /tmp
  + run_flags       : backup: 1, flush: 0, force: 0, search: 0, report: 0, mail: 0, jail: 0
  + last_run        : start, 0m 4s, 1014/912/902, 24.03.2021 19:17:34
  + system          : FriendlyElec NanoPi R2S, OpenWrt SNAPSHOT r16313-851dadc257

EDIT: Resolved, something must have not loaded correctly since a reboot fixed it

hi friends, I use dnsmasq (it comes by default in the images) is it better unbound? what difference there are? is it difficult to make the change in the image?

This is unrelated to adblock - please ask in a new thread (or use the forum search as this topic has been discussed multiple times). Thanks!

Hi I want to understand about the changes will be applied when I select " Force Local DNS". What changes are applied to iptables and other configuration files. Please advice

Hopefully a useful example:

This LuCI setting ...

... adds this firewall rule in /etc/config/firewall:

config redirect 'adblock_lan53'
	option name 'Adblock DNS (lan, 53)'
	option src 'lan'
	option proto 'tcp udp'
	option src_dport '53'
	option dest_port '53'
	option target 'DNAT'

IPv6-NAT is not supported (by default not used/enabled in OpenWrt), check the Wiki for more information.

Hi @dibdot ...

Is it possible to customize the report sent by email?

I set up msmtp and I receive the correct email, follow the example:

I wonder if I can insert the DNS report in that email ...

My DNS report is also already configured, see:

Could you help me with that?

Thanks!

Yep, but not via GUI ... you have to manually edit /etc/adblock/adblock.mail
First one is a bugfix for 19.07, in line 57 make the following change:

old:
adb_info="$(/etc/init.d/adblock status 2>/dev/null)"

new:
adb_info="$(/etc/init.d/adblock status_service 2>/dev/null)"

To add report information as well, you have to enhance your mail script a little bit (two additional lines), e.g.:

right under the "adb_info" seen above, add this line (it generates the report and save it in a variable called "rep_info":

rep_info="$(/etc/init.d/adblock report cli 2>/dev/null)"

to write this in the email output, add this (line 70/71):
adb_mailtext="${adb_mailtext}\\n\\n<strong>++\\n++ Report Information ++\\n++</strong>\\n${rep_info}"

Completely untested, but should work ...:wink: To test this just call the changed mail script directly.

Thank you so far ...

I made the changes, however, I don't know if they are correct ...
I noticed that the command that sends the email is sending, but taking longer than usual ...
And I didn’t understand very well about the variable you asked for - sorry, I’m not a programmer and I don’t understand anything about programming ...
Here is my modified file for analysis:

#!/bin/sh
# send mail script for adblock notifications
# Copyright (c) 2015-2020 Dirk Brenken (dev@brenken.org)
# This is free software, licensed under the GNU General Public License v3.

# Please note: you have to manually install and configure the package 'msmtp' before using this script

# set (s)hellcheck exceptions
# shellcheck disable=1091,2010,2016,2034,2039,2059,2086,2091,2129,2143,2154,2181,2183,2188

LC_ALL=C
PATH="/usr/sbin:/usr/bin:/sbin:/bin"

if [ -r "/lib/functions.sh" ]
then
	. "/lib/functions.sh"
	adb_debug="$(uci_get adblock global adb_debug "0")"
	adb_mailsender="$(uci_get adblock global adb_mailsender "no-reply@adblock")"
	adb_mailreceiver="$(uci_get adblock global adb_mailreceiver)"
	adb_mailtopic="$(uci_get adblock global adb_mailtopic "adblock notification")"
	adb_mailprofile="$(uci_get adblock global adb_mailprofile "adb_notify")"
fi
adb_ver="${1}"
adb_mail="$(command -v msmtp)"
adb_logger="$(command -v logger)"
adb_logread="$(command -v logread)"
adb_rc=1

f_log()
{
	local class="${1}" log_msg="${2}"

	if [ -x "${adb_logger}" ]
	then
		"${adb_logger}" -p "${class}" -t "adblock-${adb_ver}[${$}]" "${log_msg}"
	else
		printf "%s %s %s\\n" "${class}" "adblock-${adb_ver}[${$}]" "${log_msg}"
	fi
}

if [ -z "${adb_mailreceiver}" ]
then
	f_log "err" "please set the mail receiver with the 'adb_mailreceiver' option"
	exit ${adb_rc}
fi

if [ "${adb_debug}" -eq 1 ]
then
	debug="--debug"
fi

adb_mailhead="From: ${adb_mailsender}\\nTo: ${adb_mailreceiver}\\nSubject: ${adb_mailtopic}\\nReply-to: ${adb_mailsender}\\nMime-Version: 1.0\\nContent-Type: text/html\\nContent-Disposition: inline\\n\\n"

# info preparation
#
sys_info="$(strings /etc/banner 2>/dev/null; ubus call system board | sed -e 's/\"release\": {//' | sed -e 's/^[ \t]*//' | sed -e 's/[{}\",]//g' | sed -e 's/[ ]/  \t/' | sed '/^$/d' 2>/dev/null)"
adb_info="$(/etc/init.d/adblock status_service 2>/dev/null)"

rep_info="$(/etc/init.d/adblock report cli 2>/dev/null)"

if [ -f "/var/log/messages" ]
then
	log_info="$(awk '/adblock-/{NR=1;max=79;if(length($0)>max+1)while($0){if(NR==1){print substr($0,1,max),"&#8629;"} else {print " ",substr($0,1,max)}{$0=substr($0,max+1);NR=NR+1}}else print}' /var/log/messages)"
elif [ -x "${adb_logread}" ]
then
	log_info="$("${adb_logread}" -e "adblock-" | awk '{NR=1;max=79;if(length($0)>max+1)while($0){if(NR==1){print substr($0,1,max),"&#8629;"} else {print " ",substr($0,1,max)}{$0=substr($0,max+1);NR=NR+1}}else print}')"
fi

# mail body
#
adb_mailtext="${adb_mailtext}\\n\\n<strong>++\\n++ Report Information ++\\n++</strong>\\n${rep_info}"
adb_mailtext="<html><body><pre style='display:block;font-family:monospace;font-size:1rem;padding:20;background-color:#f3eee5;white-space:pre'>"
adb_mailtext="${adb_mailtext}\\n<strong>++\\n++ System Information ++\\n++</strong>\\n${sys_info}"
adb_mailtext="${adb_mailtext}\\n\\n<strong>++\\n++ Adblock Information ++\\n++</strong>\\n${adb_info}"
adb_mailtext="${adb_mailtext}\\n\\n<strong>++\\n++ Logfile Information ++\\n++</strong>\\n${log_info}"
adb_mailtext="${adb_mailtext}</pre></body></html>"

# send mail
#
if [ -x "${adb_mail}" ]
then
	printf "%b" "${adb_mailhead}${adb_mailtext}" 2>/dev/null | "${adb_mail}" ${debug} -a "${adb_mailprofile}" "${adb_mailreceiver}" >/dev/null 2>&1
	adb_rc=${?}
	f_log "info" "mail sent to '${adb_mailreceiver}' with rc '${adb_rc}'"
else
	f_log "err" "msmtp mail daemon not found"
fi
exit ${adb_rc}

And here, the e-mail...

That is, it did not work as expected.

Wrong ordering, change it like that:

# mail body
#
adb_mailtext="<html><body><pre style='display:block;font-family:monospace;font-size:1rem;padding:20;background-color:#f3eee5;white-space:pre'>"
adb_mailtext="${adb_mailtext}\\n<strong>++\\n++ System Information ++\\n++</strong>\\n${sys_info}"
adb_mailtext="${adb_mailtext}\\n\\n<strong>++\\n++ Adblock Information ++\\n++</strong>\\n${adb_info}"
adb_mailtext="${adb_mailtext}\\n\\n<strong>++\\n++ Report Information ++\\n++</strong>\\n${rep_info}"
adb_mailtext="${adb_mailtext}\\n\\n<strong>++\\n++ Logfile Information ++\\n++</strong>\\n${log_info}"
adb_mailtext="${adb_mailtext}</pre></body></html>"

Very nice now! Works great!

Just a curiosity:

I noticed that he takes the 50 records ... if he were to take everything, would I have to change where the code is?

I do not intend, since to generate this, it is taking about 1 minutes and 55 seconds ... imagine if you are going to get all the records!

Thanks again

Hi,

deeply undocumented but possible ...:wink:
Change the rep_info line like that:

rep_info="$(/etc/init.d/adblock report + 500 true cli 2>/dev/null)"

this generates a report with the last 500 DNS requests ....

1 Like

I tested this ...

It took 2 minutes and 50 seconds to be generated on a TP-Link WDR4300 and fired to my email ...

I will check an amount that I find interesting, but knowing the place where I must change it is much easier!

1 Like

This sounds like a good place to ask a question I had... I just started using the DNS over HTTPS package, and wonder if there are any issues with Adblock.

I haven't noticed any issues after a few days, but I wanted to go back to using Force Local DNS, which I don't have on right now.

I see in the box, if I hit the check, there are 53, 853, 5353 as what it would fill in. Wondering if you can tell if that's correct. Or, if somebody(s) out there have already been running both of these features, and how it's been going.

Hi dibdot.. Many thanks for your support here. Is this functionality added to GUI on next release?

An new query here. In my DNS reports, I am getting a lot IPV6 address instead of internal machines hostname or IPV4 address. May be there is nothing to with AdBlock on this. But how can I eliminate it? Disable IPV6 DHCP releases completely? I tried that but it fully broken my DHCP server and forwarding of packets. Any better way please

https://forum.openwrt.org/t/the-best-package-to-encrypt-your-dns-traffic/92363

Looks like this thread overlaps into my question about issues between Adblock and DNS over HTTPS (and other DNS encrypting methods)

Short answer, doesnt seem to break anything, but things might run a bit slower. They're still arguing about the premise of his thread, though.

@dibdot I noticed that download of 'games_tracking' failed for my router.
I checked out it's github and they changed a path to hosts list, new path is:

https://raw.githubusercontent.com/KodoPengin/GameIndustry-hosts-Template/master/Main-Template/hosts

Could you please update the url for games_tracking?

So, back to my DNS over HTTPS question, nobody else running that and Adblock?

Am still wondering if thse are the correct ports, if I force local DNS. Have been out of town the past week or so, havent had the chance to try it and see.

Thanks for the info - updated in 19.07, 21.02 and master branch.

1 Like

I am using force local DNS in Adblock and using port 53. I was having some clients which uses port 53, but some other external DNS servers. After enabling this settings, those traffic destined on port 53 (but other DNS server) forced to port 53 of the local DNS server. This is my setting. Again I am not using DNS over HTTPS. In this case, DNS over HTTPS may using a different port?, if so, you need to manually use that in firewall configuration. the rule that created by the above configuration in screenshots is under "Port forwards" under firewall configuration and it is easy to change the port 53 to a custom port. But I think it is good to create a new rule with the custom port.

image